The United Nations Office on Drugs and Crime (UNODC), led by Russian diplomat, Yury Fedotov, has just released a report (pdf) arguing for more surveillance and retention of data on all communications, even in the total absence of suspicion. Coincidentally, the Coordinator of the elegantly named 1267 Committee that was in charge of the report is British – and the British government recently proposed (even if it is likely to be rejected at national level) the most extensive suspicionless monitoring ever considered in a democratic society – the Communications Data Bill.

A further coincidence is that Hamadan Touré held a meeting
with Vladimir Putin late last year (then Prime Minister of Russia) where, according to the Russian government website, one of theideas put forward by Mr Touré
was “establishing international control over the Internet using the monitoring and supervisory capabilities of the International Telecommunication Union (ITU)”.

Since that meeting, the Russian Federation has joined with Algeria, China, Côte d’Ivoire and Egypt to propose a new role for the ITU in “cybersecurity and cybercrime”. Russia is also part of a group of countries including Egypt and Iran, that demands new rules on standardisation, to replace the very effective and functioning consensus-based standards development processes for the Internet.

The support for an increased role for the ITU on harmonised cybersecurity and cybercrime policy on a global level dovetails almost seamlessly with the goals of the UNODC document. For example, one of its key arguments is that “the development of a universally agreed regulatory framework imposing consistent obligations on all ISPs regarding the type and duration of customer usage data to be retained would be of considerable benefit to law enforcement and intelligence agencies investigating terrorism cases.”

This is rather curious since this demand completely ignores the European Commission’sevaluation report of the Data Retention Directive which clearly showed that data retention is neither necessary for market harmonisation nor for the fight against serious crime – and is therefore likely to be substantially revised if not completely repealed in the European Union.

The report also regrets that national “data protection or privacy legislation can often restrict the ability of law enforcement and intelligence agencies to share information with both national and foreign counterparts.” The fact that no UN human rights agency was involved in the project might explain the lack of respect for established and binding UN human rights instruments.

But why bother with laws when one has privatised enforcement measures? The UN report also calls for the establishment of “informal relationships or understandings with ISPs (both domestic and foreign) that might hold data relevant for law enforcement purposes about procedures for making such data available for law enforcement investigations.” If one compares this proposal for just one second with Article 17.1 of the United Nations International Covenant on Civil and Political Rights, which states that “no one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence,” one is left with the impression that the UN report is nothing less than an unjustified assault on decades-old universally agreed human rights principles.

Two weeks ago, UN Secretary General Ban Ki-Moon said “Where governments fail to live up to their obligations under international law, we have to remind them to do so.” We urge the UN to lead by example.